feat: update template

[Quentintnrl]

No description provided.

[Copilot]

Pull request overview

Updates the repository from a “Hello World” Rust app to an Actix Web API template with health/hello endpoints, JWT middleware scaffolding, Swagger/OpenAPI docs, and Docker-based local dev setup.

Changes:

• Add Actix Web server with / (POST) and /health (GET) endpoints plus Swagger UI/OpenAPI generation.
• Introduce JWT auth middleware module and create a library crate layout (src/lib.rs + module tree).
• Add Docker/Docker Compose development/runtime scaffolding (Liquibase + Postgres + Redis + nginx) and supporting scripts/ignores.

Reviewed changes

Copilot reviewed 19 out of 22 changed files in this pull request and generated 13 comments.

Show a summary per file

File	Description
src/main.rs	New Actix Web server bootstrap + endpoints + OpenAPI/Swagger UI wiring
src/auth_middleware.rs	JWT validation middleware (Actix Transform)
src/lib.rs	Exposes middleware/database/endpoints modules as a library crate
src/endpoints/mod.rs	Placeholder endpoints module
src/database/mod.rs	Database module tree scaffolding
src/database/postgresql/mod.rs	Postgres submodule scaffolding
src/database/postgresql/queries/mod.rs	Placeholder module
src/database/queries/mod.rs	Placeholder module
src/database/query_views/mod.rs	Placeholder module
src/database/queries_result_views/mod.rs	Placeholder module
entrypoint.sh	Dev entrypoint using cargo watch
docker-compose.yml	Local stack definition (db/redis/liquibase/api/nginx)
development.Dockerfile	Dev image for hot-reload workflow
Dockerfile	Multi-stage release build image
Cargo.toml	Adds web/db/redis/openapi dependencies and renames package
Cargo.lock	Dependency lockfile generated for new crate set
.gitignore	Ignore .env and Postman collection export
.dockerignore	Reduce Docker build context contents
.github/workflows/cicd.yml	CI/CD workflow placeholder (currently commented out)

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

nginx.depends_on references {api}, but the service defined in this file is named api. As-is, Compose will error because {api} is not a valid service key. If this is meant to be templated, consider using a valid default (e.g., api) and drive overrides via variables instead of changing YAML keys.

Suggested change

	{api}: #change api name
	api: #change api name

[Copilot]

The runtime stage copies /usr/src/app/target/release/core_api, but this crate’s package name is API_Template and no [[bin]] name is defined. The release binary produced by cargo build --release won’t be core_api, so the Docker build will fail at this COPY step. Update the COPY path (or set an explicit binary name in Cargo.toml / cargo build --bin ...).

[Copilot]

WORKDIR is /usr/src/core, but docker-compose.yml’s file sync targets /usr/src/{api}/.... With the current defaults, the dev container won’t see synced sources at the working directory used by cargo watch. Align the container workdir with the compose sync targets (or vice versa) so hot-reload works without manual edits.

Suggested change

	WORKDIR /usr/src/core
	WORKDIR /usr/src/api

[Copilot]

There are unused imports here (web and JwtMiddleware), which will trigger unused_imports warnings (and can become hard errors if warnings are denied in CI/tooling). Either remove them for now, or wire the middleware/scope into the App so the imports are used.

Suggested change

	use actix_web::{get, middleware, post, web, App, HttpResponse, HttpServer, Responder};
	use API_Template::auth_middleware::JwtMiddleware;
	use actix_web::{get, middleware, post, App, HttpResponse, HttpServer, Responder};

[Copilot]

This workflow file is fully commented out, so it will never run. After removing the other workflows, the repo effectively has no CI configured; either enable this workflow (and make placeholders valid) or remove it to avoid confusion.

Suggested change

	# name: API CI/CD
	# on:
	# workflow_dispatch:
	# push:
	# permissions:
	# contents: read
	# packages: write
	# jobs:
	# APIs-cicd:
	# uses: mairie360/CICD/.github/workflows/APIs_cicd.yml@main
	# permissions:
	# contents: write
	# packages: write
	# id-token: write
	# with:
	# postman_collection: ${{ vars.POSTMAN_{API}_API_COLLECTION_ID }} #change api name
	# postman_environment: ${{ vars.POSTMAN_{API}_API_ENV_ID }} #change api name
	# package_name: api-api #change api name
	# secrets: inherit

[Copilot]

The block doc comment starts as /** * Handles ... which embeds the leading * into the first line and is inconsistent with typical Rust doc comments. Prefer /// line doc comments (or a properly formatted /** ... */) so the generated docs render cleanly.

[Copilot]

Typo in the OpenAPI tag description: templatefunctionalities should be template functionalities (or similar).

Suggested change

	(name = "Template API", description = "Endpoints for templatefunctionalities")
	(name = "Template API", description = "Endpoints for template functionalities")

[Copilot]

PORT: {port} is not valid YAML (unquoted {...} is parsed as a flow mapping), so docker compose will fail to parse this file. Use a quoted placeholder or (preferably) Compose env substitution (e.g., ${PORT} with a default) so the file remains valid YAML out of the box.

[Copilot]

Top-level volume is declared as core-target, but the api service mounts api-target. As written, core-target is unused and the intended named volume for the build cache/target dir is unclear. Align the declared volume name with the one mounted by the service.

Suggested change

	core-target:
	api-target:

[Copilot]

In this runtime image stage, the service runs as the default root user because no USER directive is set, whereas the previous Dockerfile explicitly dropped privileges to a non-root user. If an attacker ever achieves remote code execution in the application, they will gain full root privileges inside the container, which significantly increases the risk of container breakout or host impact. To reduce this risk, create a dedicated unprivileged user in this stage and switch to it with a USER directive before starting core-api.